Lucene search
Veracode Vulnerability DatabaseVERACODE:22209HistoryDec 20, 2019 - 12:15 a.m.
Arbitrary Files Overwrite
2019-12-2000:15:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.077 Low
EPSS
Percentile
94.2%
git is vulnerable to arbitrary files overwrite. The files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams.
| CPE | Name | Operator | Version |
|---|---|---|---|
| git | eq | 2.18.1__3.el8 | |
| rh-git218-git | eq | 2.18.1__2.el7 | |
| rh-git218-git | eq | 2.18.1__3.el7 | |
| git:3.11 | eq | 2.24.1-r0 | |
| git:3.7 | eq | 2.15.3-r0 |
References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
access.redhat.com/errata/RHSA-2019:4356
access.redhat.com/errata/RHSA-2020:0228
access.redhat.com/security/updates/classification/#important
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352
public-inbox.org/git/[email protected]/
Related
symantec
symantec
mscve
mscve
Git for Visual Studio Remote Code Execution Vulnerability
2019-12-10 08:00:00
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
cve
cve
prion
prion
Remote code execution
2020-04-27 17:15:00
Remote code execution
2020-01-24 21:15:00
Remote code execution
2020-01-24 21:15:00
nvd
nvd
cvelist
cvelist
osv
osv
CVE-2020-12278
2020-04-27 17:15:13
CVE-2019-1352
2020-01-24 21:15:12
git - security update
2020-01-06 00:00:00
openvas
openvas
openSUSE: Security Advisory for libgit2 (SUSE-SU-2022:3495-1)
2022-10-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3495-1)
2022-10-05 00:00:00
Huawei EulerOS: Security Advisory for libgit2 (EulerOS-SA-2020-1861)
2020-08-31 00:00:00
nessus
nessus
RHEL 8 : libgit2 (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : libgit2 (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : libgit2 (Unpatched Vulnerability)
2024-05-11 00:00:00
suse
suse
Security update for libgit2 (important)
2022-10-04 00:00:00
Security update for git (important)
2020-01-29 00:00:00
Security update for git (moderate)
2020-05-02 00:00:00
redhat
redhat
(RHSA-2020:0228) Important: git security update
2020-01-27 08:04:40
(RHSA-2019:4356) Important: git security update
2019-12-19 18:18:24
(RHSA-2020:0002) Important: rh-git218-git security update
2020-01-02 08:21:54
archlinux
archlinux
[ASA-201912-5] libgit2: arbitrary code execution
2019-12-18 00:00:00
[ASA-201912-6] git: arbitrary code execution
2019-12-18 00:00:00
alpinelinux
alpinelinux
debian
debian
[SECURITY] [DLA 2059-1] git security update
2020-01-23 14:27:34
[SECURITY] [DSA 4581-1] git security update
2019-12-10 19:56:55
[SECURITY] [DSA 4581-1] git security update
2019-12-10 19:56:55
kaspersky
kaspersky
KLA11618 Multiple vulnerabilities in Microsoft Developer Tools
2019-12-10 00:00:00
oraclelinux
oraclelinux
git security update
2019-12-19 00:00:00
qualysblog
qualysblog
fedora
fedora
[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31
2019-12-17 01:46:03
[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31
2019-12-18 01:56:26
[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30
2020-01-04 22:16:13
amazon
amazon
altlinux
altlinux
Security fix for the ALT Linux 8 package git version 2.24.1-alt1
2019-12-12 00:00:00
Security fix for the ALT Linux 10 package git version 2.24.1-alt1
2019-12-08 00:00:00
gentoo
gentoo
Git: Multiple vulnerabilities
2020-03-15 00:00:00
ubuntu
ubuntu
Git vulnerabilities
2019-12-10 00:00:00
cloudfoundry
cloudfoundry
USN-4220-1: Git vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
threatpost
threatpost
Microsoft Zaps Actively Exploited Zero-Day Bug
2019-12-10 21:21:24